Risk management and security in service-based architectures

For today’s global value chains, seaports and their operations are indispensable components. In many cases, the cargo handling takes place in close proximity to residential and/or environmentally sensitive areas. Furthermore, seaports are often not operated by a single organization, but need to be considered as communities of sometimes hundreds of internal and external stakeholders. Due to their close cooperation in the cargo handling process, risk management should be a common approach among the internal stakeholders as well in order to effectively mitigate and respond to emerging risks. However, empirical research has revealed that risk management is often limited to the organization itself, which indicates a clear lack of cooperation. Primary reasons in this regard are missing knowledge about the relations and responsibilities within the port and differing terminologies. Therefore, we propose an ontology (CoRiMaS) that implements a developed reference model for risk management that explicitly aims at seaports with a cooperative approach to risk management. CoRiMaS has been designed looking at the Semantic Web and at the Linked Data model to provide a common interoperable vocabulary in the target domain. The key concepts of our ontology comprise the hazard, stakeholder, seaport, cooperation aspect, and risk management process. We validated our ontology by applying it in a case study format to the Port of Hamburg (Germany). The CoRiMaS ontology can be widely applied to foster cooperation within and among seaports. We believe that such an ontological approach has the potential to improve current risk management practices and, thereby, to increase the resilience of operations, as well as the protection of sensitive surrounding areas.

show abstract

“…An elaborated approach that can be used to identify, analyse, evaluate, handle and/or monitor risks [56].…”

Section: Rm-methodsmentioning

confidence: 99%

CoRiMaS—An Ontological Approach to Cooperative Risk Management in Seaports

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In our previous work [10], we showed that, in a service environment, managing security and handling threats requires advanced methodologies for risk management. In order to accomplish the risk identification in step 7B, we relied on a threat modeling approach, particularly the Coras approach [11] due to its flexibility to be used in service environments.…”

Section: Phase 2: Risk Managementmentioning

confidence: 99%

Securing Collaborative Business Processes: A Methodology for Security Management in Service-Based Infrastructure

Nassar¹,

Badr²,

Biennier³

et al. 2012

Advances in Production Management Systems. Value Networks: Innovation, Technologies, and Management

Self Cite

View full text Add to dashboard Cite

Abstract. In order to secure collaborative business processes, we present a methodological approach that early integrates security and risk management throughout the design process of service-oriented architectures. We develop our methodology based on two complementary axes: the first being the business needs while the second, is ensuring a consistent security between partners at the runtime. The information security is globally applied to business needs, service specifications and infrastructure deployment. Finally, we annotate services with security parameters that could be used to improve the selection of secure services in run-time.

show abstract